From 1e6e885909c58d97e158cd956866930b17a01335 Mon Sep 17 00:00:00 2001 From: Francesco Racciatti <97034431+francesco-racciatti@users.noreply.github.com> Date: Wed, 18 Sep 2024 15:21:58 +0200 Subject: [PATCH] deps(go): bump go version to 1.23 (#120) This PR bumps go to 1.23 and fixes the following CVEs: - CVE-2024-34155 - CVE-2024-34156 - CVE-2024-34158 Signed-off-by: francesco-racciatti --- .github/workflows/presubmit.yml | 2 +- .github/workflows/release.yml | 2 +- go.work | 4 ++-- pkg/go.mod | 2 +- runtimes/cloudformation/go.mod | 10 +++++----- runtimes/cloudformation/go.sum | 16 ++++++++-------- 6 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/presubmit.yml b/.github/workflows/presubmit.yml index 0498304..dc466ea 100644 --- a/.github/workflows/presubmit.yml +++ b/.github/workflows/presubmit.yml @@ -5,7 +5,7 @@ on: branches: [ dev ] env: - GO_VERSION: 1.22.x + GO_VERSION: 1.23.x jobs: test-pkg-lib: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1e74f1b..bb08112 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,7 +6,7 @@ on: - 'v*' env: - GO_VERSION: 1.22.x + GO_VERSION: 1.23.x jobs: release: diff --git a/go.work b/go.work index 70f03b6..810f41a 100644 --- a/go.work +++ b/go.work @@ -1,6 +1,6 @@ -go 1.22 +go 1.23 -toolchain go1.22.2 +toolchain go1.23.1 use ( pkg diff --git a/pkg/go.mod b/pkg/go.mod index 7b20d22..643e610 100644 --- a/pkg/go.mod +++ b/pkg/go.mod @@ -1,6 +1,6 @@ module github.com/sysdiglabs/agent-kilt/pkg -go 1.22 +go 1.23 require ( github.com/Jeffail/gabs/v2 v2.7.0 diff --git a/runtimes/cloudformation/go.mod b/runtimes/cloudformation/go.mod index 30a52ac..8e9e612 100644 --- a/runtimes/cloudformation/go.mod +++ b/runtimes/cloudformation/go.mod @@ -1,6 +1,6 @@ module github.com/sysdiglabs/agent-kilt/runtimes/cloudformation -go 1.22 +go 1.23 require ( github.com/Jeffail/gabs/v2 v2.7.0 @@ -9,14 +9,14 @@ require ( github.com/google/go-containerregistry v0.20.2 github.com/rs/zerolog v1.33.0 github.com/stretchr/testify v1.9.0 - github.com/sysdiglabs/agent-kilt/pkg v0.0.0-20240725105437-d4b770a76411 + github.com/sysdiglabs/agent-kilt/pkg v0.0.0-20240808103223-011d2ea63e8a github.com/yudai/gojsondiff v1.0.0 ) require ( github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/docker/cli v27.1.1+incompatible // indirect + github.com/docker/cli v27.2.1+incompatible // indirect github.com/docker/distribution v2.8.3+incompatible // indirect github.com/docker/docker-credential-helpers v0.8.2 // indirect github.com/go-akka/configuration v0.0.0-20200606091224-a002c0330665 // indirect @@ -37,7 +37,7 @@ require ( github.com/vbatts/tar-split v0.11.5 // indirect github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82 // indirect github.com/yudai/pp v2.0.1+incompatible // indirect - golang.org/x/sync v0.7.0 // indirect - golang.org/x/sys v0.22.0 // indirect + golang.org/x/sync v0.8.0 // indirect + golang.org/x/sys v0.25.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/runtimes/cloudformation/go.sum b/runtimes/cloudformation/go.sum index d43bcb5..c50f279 100644 --- a/runtimes/cloudformation/go.sum +++ b/runtimes/cloudformation/go.sum @@ -11,8 +11,8 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/docker/cli v27.1.1+incompatible h1:goaZxOqs4QKxznZjjBWKONQci/MywhtRv2oNn0GkeZE= -github.com/docker/cli v27.1.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/cli v27.2.1+incompatible h1:U5BPtiD0viUzjGAjV1p0MGB8eVA3L3cbIrnyWmSJI70= +github.com/docker/cli v27.2.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/docker-credential-helpers v0.8.2 h1:bX3YxiGzFP5sOXWc3bTPEXdEaZSeVMrFgOr3T+zrFAo= @@ -95,8 +95,8 @@ github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= -github.com/sysdiglabs/agent-kilt/pkg v0.0.0-20240725105437-d4b770a76411 h1:0Wff4lPs+kNvjdzIH+xH3WMOyQjrykd13gSkKgCDpX4= -github.com/sysdiglabs/agent-kilt/pkg v0.0.0-20240725105437-d4b770a76411/go.mod h1:IGhfv/WolPMOWrmVMUzLMarZsA1E5F7Om6cTRoANiq4= +github.com/sysdiglabs/agent-kilt/pkg v0.0.0-20240808103223-011d2ea63e8a h1:4IMaria5zjN0pIm6rjYH96BXx/Nzb1/AL1Xg3odKkNc= +github.com/sysdiglabs/agent-kilt/pkg v0.0.0-20240808103223-011d2ea63e8a/go.mod h1:IGhfv/WolPMOWrmVMUzLMarZsA1E5F7Om6cTRoANiq4= github.com/vbatts/tar-split v0.11.5 h1:3bHCTIheBm1qFTcgh9oPu+nNBtX+XJIupG/vacinCts= github.com/vbatts/tar-split v0.11.5/go.mod h1:yZbwRsSeGjusneWgA781EKej9HF8vme8okylkAeNKLk= github.com/yudai/gojsondiff v1.0.0 h1:27cbfqXLVEJ1o8I6v3y9lg8Ydm53EKqHXAOMxEGlCOA= @@ -120,8 +120,8 @@ golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= -golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= +golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -135,8 +135,8 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= -golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34= +golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.5.0 h1:OLmvp0KP+FVG99Ct/qFiL/Fhk4zp4QQnZ7b2U+5piUM=